Missing Rundll32.exe/Virus/Trojan arrrrgghhh

[guestolo]

Can you do the following
Close all browser windows
Uninstall all the following from Add/Remove programs

Older versions of Sun Java, this includes
Java™ SE Runtime Environment 6 Update 1
Java™ 6 Update 2
Java™ 6 Update 3
Java™ 6 Update 5
Java 2 Runtime Environment, SE v1.4.2

Leave Java™ 6 Update 25 installed, as it's the latest version

Uninstall older version and insecure copy of Adobe Reader 8.2

Remain in Add/Remove programs and uninstall Viewpoint Media Player
Then finally remove HP Smart Web Printing 4.5

Come back here
To make sure you have the latest version of Adobe Flash Player installed:
1. To uninstall an older version, download this file to your Desktop: uninstall_flash_player.exe
2. Quit ALL running applications, including all Internet Explorer or other browser windows, and messenger applications (like AOL Instant Messenger, Yahoo Messenger, MSN Messenger).
3. Double-click on the file you've downloaded to uninstall Flash.
Delete the uninstaller
we'll update it in a bit

Reboot your computer
Back in Windows
let's get Adobe Reader updated
Go to the following link
http://get.adobe.com/reader/otherversions/


UNTICK the option to also install McAfee Security Scan and/or Google toolbar or similiar if available
Select your operating system, language, and then I would opt to choose Adobe Reader version 9.4
Download and save to desktop the installer for the latest version of A. Reader
Double click on the installer to install
After successfully installing, you can delete the installer on desktop
Can you open Adobe Reader and click on HELP>>CHECK FOR UPDATES and install any update if found to ensure you are right up to date

Afterwards:
Go to the following link
http://get.adobe.com/flashplayer/otherversions/

Choose operating system and version
Note: Do this procedure twice and get both
"Flash player for IE" then "Flash player for other browsers"
Save the installers to desktop
Untick the selections for 'Google toolbar' or 'McAfee Security Scan' if it is an option
Close browser windows, then install both
install_flash_player_ax.exe and install_flash_player.exe


If you want the latest version of HP Smart Web Printing
You can get it from here
http://h10025.www1.hp.com/ewfrf/wc/softwareDownloadIndex?softwareitem=dj-53485-2&lc=en&dlc=en&cc=us&os=228&product=3551212&sw_lang=8

Again, keep me informed how things are now running
We'll do some final cleanup and get you an AntiVirus

[iboglander]

OK, all instructions followed except loading a new SmartWebPrint, not even sure I've ever consciously used it (do I need or you recommend I have it?).

Sorry for the delay between responses, life got in the way. Married, 2 kids blah blah blah.

Notes:
1. When I open programs it still asks me about running rundll32.exe, should I just uncheck the "ask me" part and be done with it?
2. My Start/All Programs list is populated again, but only with folders, no actual executable files in them, except things youve had me download and a couple under Accessories.

Waiting for next commands O Mighty Master of the Mysterious Menagerie of Malware =D

[guestolo]

Don't worry about the delay, I understand, the wife and I only have dogs however  http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/laugh.gif\' class=\'bbc_emoticon\' alt=\':lol:\' />

OK, all instructions followed except loading a new SmartWebPrint, not even sure I've ever consciously used it (do I need or you recommend I have it?).

No, you don't need it, so just leave it alone

1. When I open programs it still asks me about running rundll32.exe, should I just uncheck the "ask me" part and be done with it?

Yes, go ahead and uncheck it, but I question whether the setting will hold, we will see

2. My Start/All Programs list is populated again, but only with folders, no actual executable files in them, except things youve had me download and a couple under Accessories.

Download and save to desktop Unhide.exe
double-click on the Unhide.exe icon on your desktop and allow the program to run
You should be prompted that your files are now visible
You can delete unhide.exe

Can you reboot the computer
Then let me know if files are visible again
In addition, see if you still get that rundll32.exe prompt after unchecking ask me

[iboglander]

Dogs, sometimes I'd like to trade the kids in for dogs...they're easier to please..and potty train for that matter...

OK files under Start/All programs: Remains the same...folders that lead to "<empty>" i.e. Start/All Programs/Games/(empty); Start/All Programs/itunes/(empty)..lather, rinse repeat.

As far as the unchecking for the rundll32.exe issue, unchecked before reboot..never popped again. After reboot, still holding...no pop up, just straight to whatever I'm opening. WIN!

Next?

[guestolo]

I want to try registering a shell32.dll
We can do it from Start>Run command
But let's run the next tool, as it will do so much more

download and save to desktop
Dial-A-Fix from the following location
[color="#0000FF"]Click HERE[/color]
After you have it saved to desktop, Extract the folder within to your desktop

Open the Dial-A-Fix folder and double click on DialaFix.exe icon
Don't worry if you get an "Unable to determine your version of IE....." message, and it goes on asking to email them, just ignore it
and click OK
Select the [color="#00FF00"]GREEN[/color] check, this will select all options

Then hit the GO
Verify that your Date/time is correct, click OK to continue
You will eventually get to the point of it Registering >> Explorer/IE/OE/Shell/WMP
and more than likely get about 12 error messages as eg...
"Error 127, blah blah blah"

Again, ignore those error messages by click OK
When Dial-A-Fix is complete, click EXIT

Reboot your computer

Back in Windows, any help?

[iboglander]

No change: exactly the same=( Start/All Programs/Ccleaner/(empty) yadda yadda yadda


.....awwwww, Sleep must have crept in and taken you, lol.

Thanks for all your help today! Have a great night.

[guestolo]

Can you run this fixit tool from Microsoft
It's simply a fix to reset the User Shell Folder
http://go.microsoft.com/?linkid=9708107
When you click on the link, select to Run it and follow the prompts
When done, click Close and choose Yes to reboot, any luck?

[iboglander]

No luck, no change=(

PS thanks for the Mozilla advice, been running around on it and checking it out, I likey, lol.
But why, out of curiosity, the preference for Mozilla vs IE for downloads and such...just lookin to get some knowledge or a link to knowledge, lol.

Anyway..next?

[guestolo]

Hmm, can you do me a favor
Set Windows To Show Hidden Files and Folders

    * Click Start.
    * Open My Computer.
    * Select the Tools menu and click Folder Options.
    * Select the View Tab.
    * Under the Hidden files and folders heading select Show hidden files and folders.
    * Uncheck the Hide protected operating system files (recommended) option.
    * Uncheck the Hide Extensions for known file types
    * Click Yes to confirm.
    * Click OK.
Do you see the start menu shortcuts again?

Sorry, missed this

But why, out of curiosity, the preference for Mozilla vs IE for downloads and such

Not sure what you mean
I prefer Firefox if that's what your asking?

[iboglander]

No change, settings were already like that for starters. I toggled them all back to hidden, hidden and hidden and applied. Then went back and showed, showed and showed and applied, but still no change. I hope that made sense, lol.

Also, noticed that under Administrative Tools in the Control Panel there is absolutely nothing there, no files or folders. Just something I came across=D

[iboglander]

You were adamant yesterday about me using Mozilla for some of the downloads yesterday, thats why I was asking about that (I know your multitasking a bunch of us and you just woke up, lol).

How do I do a screenshot by the way, its been so long I honestly dont remember and all the screenshots I've done in recent years were game related, lol. I just want to capture what I'm looking at to show you and make sure were on the same page and that I'm explaining it correctly.

[guestolo]

Actually, can I take a closer look at some settings please
Would you mind meeting me in Chat
Simply click the Chat button on the top menu bar, just below IPBoard

Edit>>If you can't find the Chat button, an easier way is to click on this link
http://www.thetechguide.com/forum/index.php?app=tinychat

[iboglander]

ok back home and around, if you are available tonight=D

[guestolo]

Are you there? I'm in chat now!

Edit>>Guess your out, anyways, I'll check back later, if not, maybe see ya tomorrow

[iboglander]

ok back again, lol, checkin every hour...now every 30 min, lol.

[guestolo]

How is everything now running?
Need to get those shortcuts back?

Post back and let me know please

[iboglander]

Been a rough week havent touched the comp much unfortunately..however no new issues so thats a win! Yes the shortcuts are still missing, I just havent had the time to get to them, lol..if I even know exactly what Im doing to fix them, that is.

If I hadnt said it before, thank you so much for all your time and energy in this. It is much appreciated.

If I get some comp time this weekend, I will see if I can do some checking/fixing and maybe even hook up with you for some double checking, lol.

See you sometime soon hopefully.

Irish

PS anything I should do/send you to see from the technical side if things look ok?

[guestolo]

when you have a chance, I just want to double check if your Shortcuts are still on your computer, or if your temp files are all gone
If they're not on your computer, we can transfer shortcuts from my XP system to yours, not a big deal
Some of the other programs however, I will leave to you, it's not a tough task, just tedious

Can you do the following please
Open OTL.Under the Custom Scan box paste this inexe, click on NONE on the top
Then Under the Custom Scan box paste this in

%temp%\smtmp\*.* /s
%temp%\*.lnk /s

Click on Run Scan, it won't take long
Post the contents of the log please, if anything

[iboglander]

OTL logfile created on: 5/21/2011 3:37:26 PM - Run 3
OTL by OldTimer - Version 3.2.22.3    Folder = C:\Documents and Settings\Napper\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1,022.00 Mb Total Physical Memory | 392.00 Mb Available Physical Memory | 38.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): C:\pagefile.sys 3048 4096 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 196.11 Gb Free Space | 84.21% Space Free | Partition Type: NTFS
Drive D: | 37.62 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 464.26 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: YOUR-D26EF63B94 | User Name: Napper | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
 
========== Custom Scans ==========
 
 
< %temp%\smtmp\*.* /s >
 
< %temp%\*.lnk /s >

< End of report >

And yes I'm having issues finding some of my shortcuts, especially when Im starting to be unsure of what came from where anymore, lol.

[guestolo]

When you have time, we can hookup
I'll be around most of the weekend, mind you it is a long weekend up here in Canada, so I'll be in and out